General

  • Target: 3338a4498dff5bad579c25eda176666e_JaffaCakes118
  • Size: 7.4MB
  • Sample: 240710-ej6gasvgqm
  • MD5: 3338a4498dff5bad579c25eda176666e
  • SHA1: a51ea7c6780c11c7a0298ff0bb434f521f723f3b
  • SHA256: 265c863c1cda7c59859a7e222b30dbadfa2728f0211269ac6f38636e4c486992
  • SHA512: 8c0ad6265e98b327d97c46ff3a00f6027f83db76c0faf048bb998cecfbf66b7e89fe3d7d075462c387cc7a0f16d6a229ee22f717988582008eb91d9745d4b73a
  • SSDEEP: 196608:M3uB96kukJuaoU7OWWdrJVlK/xo+2BlduNyQrQWPWjFc/3SBwwqHIed:p6kuTG7OWWlJVMpp2+XWa36/U

Score: 7/10 (upx)

Malware Config

Targets

    • Target: Zoom_Player_Premium_6.00_RC2_Plus_SCH.exe
    • Size: 7.4MB
    • MD5: 12da661b6214e0c3a0c6e03656cff736
    • SHA1: aa2d173daec31f87bc940818a650a997b40bbeda
    • SHA256: c881698a3a5eeecddcc0ede74d8af06e0a5ba7c34e39d04640dca3e45e173936
    • SHA512: 7ada11d4622c12e7b098fec92e8fdd777bd5af6ffb6448b9df11483fbdbd3901afd15052dcadca47604cde2eabbd2437cbbf2ada85fb7476b7ad7ad4c52d1ced
    • SSDEEP: 196608:Z3e1fzaUEn89c92SIjCWV/hSRI+IS+Emf2+Can1Cl:Zuf2n89XS+CWVZa3aff18
    Score: 7/10
      • Loads dropped DLL

    • Target: $PLUGINSDIR/InstallOptions.dll
    • Size: 14KB
    • MD5: 3809b1424d53ccb427c88cabab8b5f94
    • SHA1: bc74d911216f32a9ca05c0d9b61a2aecfc0d1c0e
    • SHA256: 426efd56da4014f12ec8ee2e268f86b848bbca776333d55482cb3eb71c744088
    • SHA512: 626a1c5edd86a71579e42bac8df479184515e6796fa21cb4fad6731bb775641d25f8eb8e86b939b9db9099453e85c572c9ea7897339a3879a1b672bc9226fcee
    • SSDEEP: 192:i6JaVGQ+xI5EeuyvMmGpeWH2J5xprN+AxT7K72dwF7dBdcQOz:i6JaVh4I5rpPbT7+BdhO
    Score: 3/10

    • Target: $SYSDIR/ac3config.exe
    • Size: 16KB
    • MD5: d2db48603dd4ec358f8707fe2be22eb0
    • SHA1: fb916c80aab7add48cdb83cc5e29723a70ac7d39
    • SHA256: cdc445315b2a5718778e5607bdb5841aba85f0d94a765e51df3a309038034e29
    • SHA512: f8dcfafc6ccebab3a939bd8bb317f0556a8bdaec94c4fa57c7b71502d7f2b69116a8196e4c09519d980b38107aea843cd1a518eee47a15b84124dbf6aa8aab0f
    • SSDEEP: 96:lh5sqK9uvkguYzxk8iVouOPtboynsJGb4o:lhW+kgDrAouOP1oyns4k
    Score: 1/10

    • Target: $SYSDIR/ac3filter.ax
    • Size: 504KB
    • MD5: f083331b79850b0f6cd77b3a51ed6c00
    • SHA1: b7cc99c26a9477f4d8f9f92b60783eac03ac4965
    • SHA256: 0d4fb95c124553b36a875c830fa0f7a49ba4ec9f21e1736b141225f1f9b4e48c
    • SHA512: eeeee070d4121c3383e716f6be4ce2e1a295faab691b799b10b02786bf1feec6b950c8320d68ad7c88986f739465c47d682c6fefec083f9f98b1f52798a9dfaa
    • SSDEEP: 6144:D7l0o7/SrT9rCEs4+uU8Z90qvlnL0PNAILa/Mwyy8uG9g:D7l0QiW4+uUs6q5IO/Mw5
    Score: 1/10

    • Target: $SYSDIR/avi2ac3filter.ax
    • Size: 152KB
    • MD5: c2a0912e5760158ffee79803871c8e31
    • SHA1: 08d42f3f8463ac73775283033b0f032e4ffb3aba
    • SHA256: 0d3016ea184f98c9ccde64f896b6a09fc69c817698597df06768b9f5dd2c9030
    • SHA512: 2ad2f5dc0cdbf73c9c93e30f6cd2b86aa680d817c71d5b0ef9d3c6181a2ba6bb209fc55e69702d280f6cd8249e2c4ba4120e78e155e378d8523c80f966e76c50
    • SSDEEP: 3072:f7b2nHKSKTxJpgM3Pr2XfwfxlY8D4USl/9Za9WpH:WKSCx71+qxlY80d9Zgq
    Score: 1/10

    • Target: $SYSDIR/cddareader.ax
    • Size: 260KB
    • MD5: b7d7fb864c0a9db026666c5f4fe03f41
    • SHA1: 0d09fdf842e09c3add9439074ac63117526710f8
    • SHA256: e9dffd5f24879cf36af0901d82f620891ce738f572db26a6aaf4100932e4f64e
    • SHA512: cc383c56d778391442a6c51821c791633f7b9533218d41e2a7327355321949754c0eeb6aeaa189a0c73f10af1d509777a53b0c3ac6c880763f56f486b68db72c
    • SSDEEP: 3072:mad+fI2CxCz6SiWVhDERfJ+egGROBuvF15+V8bjd61wr730nUwTj6Q0tl9io/Sfo:y8CmSnDERfcegLUbl6rsQi9io/SW
    Score: 1/10

    • Target: $SYSDIR/cdxareader.ax
    • Size: 248KB
    • MD5: ad7626525fcd82da4608aa2813134188
    • SHA1: f74809b1780de796b9c4e98096d0995c4758c972
    • SHA256: 000c5e8238c076deef3bd091a8c83af247a2a24ef59252590f04d946804c9471
    • SHA512: 32f559b8db5188a989e02031ddaa3ee021b31b8f44ae824697302871ca01cab63ae60696bf3d155a6400d2999ab49a49fccbe0eca9b8fed0382e44460d1f8f92
    • SSDEEP: 3072:S35taHwOIkwemfgT3oD44OrKagBGA3PxSoUI4wr73W5UAtMLioEM2y2KO+1:9Ce/3oD4vrKNqo0+LioEfyi
    Score: 1/10

    • Target: DefaultSettings.exe
    • Size: 10KB
    • MD5: 7bd2c221658efc1613bfbd0626f05574
    • SHA1: 2d3cf6a1f94d3a67a0a618dc77fa72b2bb46635b
    • SHA256: 48fd8b0da177d88255c54f6cd55ea693e3a84d1ed52dd4c106362fb6b36c1c8d
    • SHA512: ac74a0676b60b52b5b68f9253ba4dd928922edc70b9290b6fdece10256bcfb6e5b629e690b51757f3f3384a47c1b61ebeca891739af5c32ed98a8a423c511546
    • SSDEEP: 192:nmrXZVbn9y97L7fn6zgRPa5zacHSEvMvq1oVBUWfmd:Y+dL7SkRC5DEvf9fa
    Score: 7/10
      • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: zpic.exe
    • Size: 714KB
    • MD5: d80959b028da5d6470d293328b2a0ba7
    • SHA1: ec4b19ea5df2c2c0737beeec34c060380c8163fd
    • SHA256: e764ced763fe91377ca6b76e8c5b284d841c5e440ecef96845cde5d4f5b6ac1d
    • SHA512: 498bb1cb463149dbbbcc2050b8f8dd5eabb65aab803349af62e0558447017e3d328cf2d24c63018fb15cf3bd9283399d5d52726c9d1364f2a6e0adbc2f459304
    • SSDEEP: 12288:R4ca/W/vCBqYWng3Sy+6On7oXuPelrdBlun1OJ9GdjUU:RVm9BFWnQ47/6bk1OJ9GdjJ
    Score: 3/10

    • Target: zplayer.exe
    • Size: 1.1MB
    • MD5: 585c65b47b4a381e6d5c024b811fb7e7
    • SHA1: 9261c812bbb032cb4a09e6436abe15f6a3d5c3c2
    • SHA256: 35f37308996854d59ff62796a23dc613adece539a0f36eb5779179c1e261a292
    • SHA512: 3824a28b224dcb694479fb8f51bbe560c1f2133cf3390cd662f17e55452ff857e2d53c003ac0ffdcfab36fbc1484bea58f37f46836fefd6cd0aca2662e247283
    • SSDEEP: 12288:YSIVDRuZEMBqsW/e8SbfZSqrD6x/fjc9VrYIaOKDZ5njNwk9t/zHSUY7eAJA4Fhs:g//7WYqrswNH6VjNNryX7eM36B1Rqj5A
    Score: 7/10
      • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.
      • Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.

    • Target: zpresampler.dll
    • Size: 11KB
    • MD5: f3e1188910b03289d190a054fb881764
    • SHA1: 13d2cc2acb3db40e26816422aafebbffc29b929a
    • SHA256: 1b56fca4cf4746f0a3b02b24375148023fdc67c9f1125dc87168214460f074dc
    • SHA512: 79d2bc3a17fae5a1bdd71d1d40a048d564a7841b5e6e0ce4952a606f41f94f2e043542b3a559b33269380602a701ff537b218fa32fd97010ef748fbc53161416
    • SSDEEP: 192:2bveE7E2u2ChnpTGTtJZpoG1bh9IcMjVMPdx6SfGp947L6/buX0yh+:2bveOE2unpTGT96Cbh9IcMjVQPCs7ORl
    Score: 7/10
      • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: zpupdate.exe
    • Size: 23KB
    • MD5: 1dd1dbbf7622cf006f57c478d209d955
    • SHA1: ea5aa595248ff31953634e023fa4bda87393d6e7
    • SHA256: 654c9bb7614fce3f7ef74f2e42a66586b2e243548f2ab6ac4983288ca59019c2
    • SHA512: 25aec65845aab4465a15aaa8fd32bd492dff5b18736e7da2cc1e5bb65fada3ae003b0f8db92958fb7f14f17d048485775d5a16b66550e665f456be956de5258e
    • SSDEEP: 384:/FoxqeCLZZEhL86YS1Fyk/d7XxzQEnRrHm0ajdN8OhALWfsXVKV5HaNJawcudoDM:LeCLmY6yEd7hzQEtjadN8OhALWfslSo7
    Score: 7/10
      • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

    • Target: 新云软件.url
    • Size: 133B
    • MD5: 4f0017b3b346bd0626f0c3b915e6e734
    • SHA1: 823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
    • SHA256: df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
    • SHA512: 0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
    Score: 1/10

MITRE ATT&CK Enterprise v15

Tasks